Category: Shorts

Zaraza Bot Credential-Stealer Sold on Telegram Zaraza bot is a credential-stealing malware being actively distributed on a Russian Telegram hacker channel. It can target up to 38 web browsers, capture screenshots of the active window, and send stolen credentials to the attackers. It is being offered as a commercial tool for other cybercriminals. To protect…

NPM DoS Attack: Hackers Flood Service with Bogus Packages Threat actors have been flooding the npm open source package repository for Node.js with malicious packages, leading to a denial-of-service (DoS) attack. These packages have links to malicious websites, taking advantage of open-source ecosystems’ good reputation on search engines, and have pushed the number of package…

Cryptocurrency Malware Distributed via 13 NuGet Packages Cybersecurity researchers have uncovered a malicious cryptocurrency stealer malware that was distributed via 13 malicious NuGet packages as part of a supply chain attack targeting .NET developers. The attack culminates in the deployment of a .NET-based persistent backdoor, called Impala Stealer, which is capable of gaining unauthorized access…

DeathNote campaign by Lazarus hacker group evolves tactics, tools, and targets The Lazarus Group, a North Korean threat actor, has been actively targeting the cryptocurrency, automotive, academic, and defense sectors in Eastern Europe and other parts of the world. They use phishing emails with bitcoin-mining lures, malware-laced documents, and rogue PDF reader apps to deliver…

A new Python-based hacking tool, Legion, has emerged on Telegram. Legion is a Python-based hacking tool being marketed to threat actors for breaking into various online services. It includes modules for exploiting vulnerable SMTP servers, Apache, cPanel, and WebHost Manager accounts, and is similar to the AndroxGh0st malware family. It is designed to steal API…

Kodi confirms data breach: 400,000 user records and private messages stolen Kodi, an open source media player software provider, has experienced a data breach. Unknown threat actors stole the company’s MyBB forum database, containing user data and private messages, and attempted to sell it. Kodi has disabled the account used to access the database, initiated…

Russian Hackers Launch Attacks on Foreign Diplomatic Entities APT29, a Russia-linked threat actor, is responsible for an ongoing cyber espionage campaign targeting foreign ministries, diplomatic entities, and European Union countries. According to Poland’s Military Counterintelligence Service, the observed activity shares tactical overlaps with a cluster tracked by Microsoft as Nobelium. This campaign represents an evolution…